On Jun 14, 2007, at 3:51 PM, Gary McGraw wrote:
I am in complete agreement with your thinking, which is why one of
the touchpoints (and chapter 9 of "Software Security" is about
operations. Ken knows more about this than any of us, but he's on
a plane now...right Ken?
Wow, I'd stop far sh
www.cigital.com/silverbullet
blog www.cigital.com/justiceleague
book www.swsec.com
-Original Message-
From: James Stibbards [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 14, 2007 9:42 AM
To: Gary McGraw
Cc: SC-L@securecoding.org
Subject: RE: [SC-L] Harvard vs. von Neumann
Hi Gary (good to see you
[mailto:[EMAIL PROTECTED]
On Behalf Of Gary McGraw
Sent: Wednesday, June 13, 2007 8:59 PM
To: 'Crispin Cowan'
Cc: 'SC-L@securecoding.org'; 'Blue Boar'
Subject: Re: [SC-L] Harvard vs. von Neumann
I am reminded of a (bottle of wine induced) argument I once had with dan
geer o
, June 11, 2007 05:50 PM Eastern Standard Time
To: Gary McGraw
Cc: Blue Boar; SC-L@securecoding.org
Subject:Re: [SC-L] Harvard vs. von Neumann
Gary McGraw wrote:
> Though I don't quite understand computer science theory in the same way that
> Crispin does, I do think
Crispin Cowan wrote:
> Do you suppose it is because of the different techniques researchers use
> to detect vulnerabilities in source code vs. binary-only code? Or is
> that a bad assumption because the hax0rs have Microsoft's source code
> anyway? :-)
I'm in the process of hiring an outside firm
I agree with Ryan, at the top skill levels anyway. Binary reverse
engineering seems to have evolved to the point where I refer to binary as
"source-equivalent," and I was told by some well-known applied researcher
that some vulns are easier to find in binary than source.
But the bulk of public d
Steven M. Christey wrote:
> On Mon, 11 Jun 2007, Crispin Cowan wrote:
>
>> Kind of. I'm saying that "specification" and "implementation" are
>> relative to each other: at one level, a spec can say "put an iterative
>> loop here" and implementation of a bunch of x86 instructions.
>>
> I agre
On Mon, 11 Jun 2007, Crispin Cowan wrote:
> Gary McGraw wrote:
> > Though I don't quite understand computer science theory in the same way
> > that Crispin does, I do think it is worth pointing out that there are two
> > major kinds of security defects in software: bugs at the implementation
>
Gary McGraw wrote:
> Though I don't quite understand computer science theory in the same way that
> Crispin does, I do think it is worth pointing out that there are two major
> kinds of security defects in software: bugs at the implementation level, and
> flaws at the design/spec level. I think
der Mouse wrote:
>> Like it or not, the Web doesn't work right without Javascript now.
>
> Depends on what you mean by "the Web" and "work right". Fortunately,
> for at least some people's values of those, this is not true.
Obviously, I'm oversimplifying. I claim that there are enough web sites
der Mouse wrote:
>>
> What Turing actually tells us is that it is possible to construct
> programs that may be correct but whose correctness is not decidable.
> This is a far cry from saying that it is not possible to build
> well-structured programs whose correctness _is_ decidable.
True as f
At 9:00 AM -0400 6/11/07, Gary McGraw wrote:
> If we assumed perfection at the implementation level (through better
> languages, say), then we would end up solving roughly 50% of the
> software security problem.
>
> Clearly we need to make some progress at the architecture/design level
> to attai
> What Turing actually tells us is that it is possible to construct
> programs that may be correct but whose correctness is not decidable.
> This is a far cry from saying that it is not possible to build
> well-structured programs whose correctness _is_ decidable.
True as far as it goes - but don'
m
podcast www.cigital.com/silverbullet
blog www.cigital.com/justiceleague
book www.swsec.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crispin Cowan
Sent: Monday, June 11, 2007 2:33 AM
To: Blue Boar
Cc: SC-L@securecoding.org
Subject: Re: [SC-L] Harvard v
Crispin Cowen wrote:
>>
IMHO, all this hand wringing is for naught. To get systems that never fail
requires total correctness. Turing tells us that total correctness is not
decidable, so you simply never will get it completely, you will only get
approximations at best.
<<
What Turing actually tel
IMHO, all this hand wringing is for naught. To get systems that never
fail requires total correctness. Turing tells us that total correctness
is not decidable, so you simply never will get it completely, you will
only get approximations at best.
Having humans write specifications and leaving progr
> Like it or not, the Web doesn't work right without Javascript now.
Depends on what you mean by "the Web" and "work right". Fortunately,
for at least some people's values of those, this is not true.
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML
ljknews wrote:
> It amazes me that someone in a discussion of software security would point
> to a page that requires Javascript to be viewed.
I'm on a couple of mailing list with Dr. Solly, an early antivirus
researcher. he likes to talk about this idea of "Grannyx" an
(hypothetical) operating sy
18 matches
Mail list logo
